What is the best method to restrict users who have a blank UID and no TSO privileges from accessing the mainframe via FTP?
Adding NO-OMVS to the users logonid will stop all access to OMVS.
CHANGE logonid NO-OMVS
Specifies that this user cannot use any z/OS UNIX System Services. NO-OMVS overrides any user OMVS profile record defined for the user. This user cannot use the defaults specified in the DFTUSER or DFTGROUP fields of the GSO UNIXOPTS record. (Bit field)